[57] ABSTRACT

A communication system can maintain high security in
communication between a communication apparatus and a
terminal. The communication system includes the communication
apparatus and the terminal provided with a memory unit for
storing data for specifying function of the communication
apparatus. The communication apparatus and the terminal include
random number generators for generating random numbers,
encryption/decryption key preparing units for preparing
encryption/decryption keys on the basis of both random numbers
generated by the respective random number generators of the
communication apparatus and the terminal and a secret key held
in common by the communication apparatus and the terminal, and
encryption/decryption processing units for encrypting or
decrypting communication data between the communication
apparatus and the terminal containing the data by means of the
encryption/decryption key, respectively.

18 Claims, 6 Drawing Sheets 
COMMUNICATION SYSTEM AND
COMMUNICATION METHOD 

BACKGROUND OF THE INVENTION 

The present invention relates to a communication system
including, for example, a communication apparatus and
various terminals represented by, for example, IC cards used
in combination with the communication apparatus to specify
the function of the communication apparatus, and a
communication method.

There is proposed an attempt that a receiving apparatus
capable of receiving a number of TV programs or radio
programs is manufactured as a communication apparatus,
and the receiving apparatus and an IC card for placing
restrictions on the receiving apparatus in accordance with
contents of a contract, are sold as a set.

Stored in the IC card are data defined in accordance with
the contents of the contract which enable the receiving
apparatus to receive only a specific program or to receive
programs only during a predetermined term of the contract,
for example.

Accordingly, when the IC card constituting a terminal is
connected or loaded into the receiving apparatus combined
with the IC card as the set, communication between the
receiving apparatus and the IC card is performed. The
receiving apparatus reads out the data for specifying the
contract contents from the IC card by means of the
communication, so that a predetermined function is
selectively given to the receiving apparatus on the basis of
the data.

In the communication between the receiving apparatus
and the IC card, in order to prevent the inequity by forgery,
the authentication for judging whether both of them have a
genuine relation with each other based on the regular
contract or not is performed and, after the authentication,
transmission and reception of data for specifying the
contract contents is made therebetween.

FIG. 6 is a schematic diagram illustrating an example of
a communication method in a communication system
including an IC card and a receiving apparatus in a prior art.

As shown in FIG. 6, the conventional communication
system adopts the mutual authentication.

An IC card 1 and a receiving apparatus 2 include random
number generators 3 and 4, respectively. The receiving
apparatus 2 transmits a random number R1 generated by the
random number generator 4 to an authentication code
preparing unit 5a of the IC card 1 and prepares, at an
authentication code preparing unit 6a thereof, an authentication
code X' on the basis of a first secret key X1 held in common
by the IC card 1 and the receiving apparatus 2 and the
random number R1. The IC card 1 which has received the
random number R1 prepares, at the authentication code
preparing unit 5a thereof, an authentication code X on the
basis of the first secret key X1 and the random number R1
and sends the authentication code X to the receiving
apparatus 2.

The receiving apparatus 2 which has received the
authentication code X from the IC card 1 compares, at a
comparison unit 8 thereof, the authentication code X with the
authentication code X' prepared by the authentication code
preparing unit 6a to thereby perform a first authentication A.

Further, the IC card 1 transmits a random number R2
prepared by a random number generator 3 thereof to an
authentication code preparing unit 6b of the receiving
apparatus 2 and prepares, at an authentication code preparing
unit 5b thereof, an authentication code Y on the basis of a
second secret key X2 held in common by the IC card 1 and the
receiving apparatus 2, and the random number R2. The
receiving apparatus 2 which has received the random number
R2 prepares at the authentication code preparing unit 6b
an authentication code Y' on the basis of the second secret
key X2 and the random number R2, and transmits the
authentication code Y' to the IC card 1.

The IC card 1 which has received the authentication code
Y' from the receiving apparatus 2 compares at its comparison
unit 7 the authentication code Y with the authentication
code Y' prepared by the unit 6b of the receiving apparatus 2
to thereby perform a second authentication B.

After it has been confirmed that both of them have
genuine relation with each other based on the regular
contract in accordance with the mutual authentication A and
B, data specifying the contract contents are exchanged
therebetween in plain text.

In the conventional system as described above, the secret
keys X1 and X2 used in the first and second authentication
A and B can be made identical, while different keys are used
as the secret keys X1 and X2, respectively, so that
cryptanalysis of the secret keys is made difficult.

In the conventional system, however, since the data
specifying the contract contents are exchanged in plain text,
the plain text data can be deciphered or understood relatively
easily by monitoring the plain text data with technical
knowledge of a certain degree.

If the plain text data are deciphered, alteration such
as, for example, extension of a contract term, addition of
a contract, or the like can be made to the IC card 1, or the
receiving apparatus 2 can be directly modified, relatively
easily on the basis of the deciphered plain text data.

Further, in the conventional system, the authentication
codes X and Y' are prepared on the basis of the single
random number R1 or R2 and the single secret key X1 or
X2, respectively. Accordingly, it is relatively easy to
cryptanalyze the secret key X1 or X2 by monitoring the
communication between the communication apparatus and the
terminal. The cryptanalysis of the secret key increases the
possibility that the terminal, such as the IC card, is forged.

SUMMARY OF THE INVENTION

Accordingly, it is an object of the present invention to 
provide a communication system and method capable of 
maintaining the higher security than in the prior art even if 
communication between a communication apparatus and a 
terminal is monitored. 

Further, it is another object of the present invention to 
provide a communication system and method which make 
alteration or forgery difficult as compared with the prior art. 

The communication system according to the present 
invention including a communication apparatus for recep- 
tion or transmission and a terminal provided with a memory 
unit in which data for specifying function of the communication
apparatus are stored, is characterized in that the
communication apparatus and the terminal each comprise a 
random number generating unit for generating a random 
number, an encryption/decryption key preparing unit for 
preparing an encryption/decryption key on the basis of both 
random numbers generated by the respective random num- 
ber generating units of the communication apparatus and the 
terminal and a secret key held in common by the commu- 
nication apparatus and the terminal, and an encryption/ 
decryption processing unit for encrypting or decrypting 
communication data between the communication apparatus
and the terminal including the data by using the
encryption/decryption key.

In the communication system according to the present
invention, the respective encryption/decryption key preparing
units provided in the communication apparatus and the
terminal prepare the encryption/decryption keys on the basis
of both the first and second random numbers and the secret
key. Further the communication apparatus and the terminal
encrypt at the respective encryption/decryption processing
units communication data between the communication
apparatus and the terminal on the basis of the
encryption/decryption keys prepared on the basis of both the
random numbers and the secret key, so that communication
between the communication apparatus and the terminal is
performed by means of the ciphertext.

Accordingly, plain text is not used in communication
between the communication apparatus and the terminal as in
the prior art and even if communication between the
communication apparatus and the terminal is monitored, it is
not easy to cryptanalyze data or the like for specifying
contract contents of the communication apparatus.

Furthermore, since the data or the like for specifying the
contract contents are encrypted by means of the first and
second random numbers of two kinds and the secret key, it
is extremely complicated and difficult to cryptanalyze
ciphertext as compared with cryptanalysis of a conventional
authentication code which is encrypted by a single random
number and a secret key and does not include plain text data
information.

Consequently, the encrypted communication contents are
not cryptanalyzed by a relatively easy cryptanalysis as in the
prior art.

Accordingly, it is not easy even for the user based on the
regular contract to cryptanalyze communication contents
between the terminal used by the user itself and the
communication apparatus and alteration of the terminal and the
communication apparatus based on cryptanalysis of the
communication contents is prevented exactly.

The terminal may include a reading/writing unit for
reading data from the memory unit and writing data into the
memory unit. The reading/writing unit may include judgment
means for controlling reading of data from and writing
of data into the memory unit. Further, the
encryption/decryption key preparing means provided in the
terminal may include signal producing means for producing a
first signal for permitting reading of data by the
reading/writing unit and a second signal for permitting writing
of data by the reading/writing unit to supply the signals to
the judgment means.

The data for specifying the function of the communication
apparatus may include data for specifying a receivable
program of the communication apparatus by way of
example.

Further, the data for specifying the function of the
communication apparatus may include, as another example, data
of a term for the receivable program specified by the
communication apparatus.

The signal producing means sends to the judgment unit a
signal for permitting reading or writing.

The signal producing means can produce first and second
flags as the signal to the judgment unit. The reading/writing
unit is permitted to read data from the memory unit in a set
state of the first flag and to write data into the memory unit
in a set state of the second flag.

The random generating unit provided in the terminal may
include an arithmetic operation unit for generating the
second random number by using the first random number
generated by the random number generating unit provided in
the communication apparatus and a portion for storing the
random number rewritably.

The arithmetic operation unit may be constituted by an
arithmetic circuit for generating the second random number
[...] and the first random number.

The arithmetic operation unit may include a
conversion processing circuit for converting the second
random number.

The random number in the random number storage portion
can be successively updated by a value converted by the
conversion processing circuit.

Furthermore, the conversion of the conversion processing
circuit can adopt a bit replacement process or a bit inversion
process.

The communication method according to the present
invention between a communication apparatus for reception
or transmission and a terminal provided with a memory unit
in which data for specifying function of the communication
apparatus are stored, is characterized in that first and second
random numbers generated by the communication apparatus
and the terminal, respectively, and a secret key held in
common by the communication apparatus and the terminal
are used to encrypt the data and the function of the
communication apparatus is restricted by communication of the
encrypted data.

The communication apparatus and the terminal each
comprise a random number generating unit, an
encryption/decryption key preparing unit for preparing an
encryption/decryption key on the basis of the first and second
random numbers generated by the respective random number
generating units and the secret key, and an
encryption/decryption processing unit for encrypting or
decrypting communication data between the communication
apparatus and the terminal including the data by using the
encryption/decryption key, and when the terminal receives a
command from the communication apparatus for reading out data
from the memory unit, the terminal encrypts the read-out data
from the memory unit by means of the encryption/decryption
key to transmit the encrypted data to the communication
apparatus, the terminal being responsive to a command from
the communication apparatus for writing data into the memory
unit to decrypt ciphertext corresponding to the data by means
of the encryption/decryption key and to write the decrypted
data into the memory unit when the terminal receives the
command from the communication apparatus.

The reading of data from the terminal and the writing of
data to the terminal cannot be performed at the same time.
By preventing the writing of data from being performed at
the same time as the reading of data, alteration of data to the
[...]

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram illustrating a communication
system according to the present invention;

FIG. 2 is a schematic diagram similar to FIG. 1 illustrating
another communication system according to the present
invention;

FIG. 3 is a flow chart showing a data reading process of
the communication system according to the present invention
shown in FIG. 2;

FIG. 4 is a flow chart showing a data writing process of
the communication system according to the present invention
shown in FIG. 2;

FIG. 5 is a schematic diagram illustrating another 
example of a random number generating unit in a terminal 
of the communication system according to the present 
invention; and 

FIG. 6 is a schematic diagram illustrating a conventional 
communication system. 

DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 

The features which are considered characteristic of the 
invention will be more apparent from the following description
taken in connection with embodiments shown in the
accompanying drawings. 

A communication system 10 according to the present 
invention illustrated in FIG. 1 as an example comprises a 
receiving apparatus 11 such as, for example, a television 
receiver and a terminal 12 in which data for specifying the 
function of the receiving apparatus are stored. In the fol- 
lowing description, an IC card 12 is used as the terminal 12 
by way of example. 

The communication system 10 according to the present 
invention comprises the receiving apparatus 11 and the IC 
card 12 for storing data relative to, for example, a receiving 
channel or a receiving term of the receiving apparatus 11. 

The receiving apparatus 11 includes a random number
generator 13' for generating a random number R1, an
encryption/decryption key preparing unit 14' for preparing
an encryption/decryption key on the basis of a secret key X1
held in common by the receiving apparatus 11 and the IC
card 12, and an encryption/decryption processing unit 15' for
encrypting plain text or decrypting cryptogram or ciphertext
by using the encryption/decryption key Y1 prepared by the
encryption/decryption key preparing unit 14'.

The IC card 12 combined with the receiving apparatus 11
includes a random number generator 13 for generating a
random number R2, an encryption/decryption key preparing
unit 14 for preparing an encryption/decryption key on the
basis of the secret key X1, and an encryption/decryption
processing unit 15 for encrypting plain text or decrypting
ciphertext by using the encryption/decryption key Y1
prepared by the encryption/decryption key preparing unit 14.

Further, the IC card 12 includes a memory unit 16 made 
of a rewritable memory such as, for example, an EEPROM 
(Electrically Erasable Programmable Read Only Memory) 
for storing programs or data and a reading/writing unit 17 for 
writing data into the memory unit and reading data from the 
memory unit. 

The encryption/decryption key preparing units 14' and 14
of the receiving apparatus 11 and the IC card 12,
respectively, prepare the encryption/decryption key on the
basis of the respective secret key X1 by using the random
numbers R1 and R2 generated by the respective random
number generator 13' and 13 and the random numbers R2
and R1 received from the other unit by means of
communication between the receiving apparatus 11 and the IC
card 12, respectively.

Further, the encryption/decryption processing units 15'
and 15 of the receiving apparatus 11 and the IC card 12,
respectively, encrypt plain text or decrypt ciphertext by
using the encryption/decryption key Y1 prepared by the
respective encryption/decryption key preparing unit 14' and
14, respectively.

Operation of each unit of the communication system 10 is
now described.

Before communication of cryptogram between the receiving
apparatus 11 and the IC card 12, the first random number
R1 generated by the random number generator 13' of the
receiving apparatus 11 is sent to the IC card 12 (step S1). On
the other hand, the second random number R2 generated by
the random number generator 13 of the IC card 12 is sent to
the receiving apparatus 11 (step S2). Consequently, the
receiving apparatus 11 and the IC card 12 hold both of the
first and second random numbers R1 and R2.

The encryption/decryption key preparing units 14' and 14
prepare the encryption/decryption key Y1 on the basis of the
secret key X1 held in common by both of the receiving
apparatus 11 and the IC card 12 by using both of the first and
second random numbers R1 and R2 (steps S3 and S3').

The encryption/decryption processing units 15' and 15 of
the receiving apparatus 11 and the IC card 12, respectively,
perform encryption and decryption by using the
encryption/decryption key Y1 (steps S4, S4' and S5, S5').

The encryption/decryption key preparing units 14' and 14
can be constituted by, for example, an XOR circuit which
attains an exclusive OR of both the first and second random
numbers R1 and R2 and the secret key X1. It is desirable that
even if each of the random numbers R1 and R2 is varied
slightly the encryption/decryption key Y1 prepared by the
encryption/decryption key preparing units 14' and 14 is
varied greatly.

More particularly, when one bit or so of a series of bits
representative of the random number R1 or R2 to be inputted
is varied, it is desirable to use the encryption/decryption key
preparing unit 14' or 14 which prepares the
encryption/decryption key Y1 which is an output corresponding
to the inputted random number and constituted by a series of
bits having, for example, four to five bits of which values are
varied.
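
The following Python sketch is an added example, not code from the patent. It measures the property described above: how many bits of Y1 change when a single bit of R1 changes, first for the XOR circuit named in the text and then for a keyed-hash derivation. The 64-bit width, the sample values and the HMAC-SHA256 derivation are assumptions made for illustration.

```python
import hashlib
import hmac

KEY_BITS = 64  # assumed width; the text does not state the size of R1, R2, X1 or Y1
KEY_BYTES = KEY_BITS // 8

# Constructed sample values, not taken from the patent.
X1 = 0x0123456789ABCDEF  # shared secret key
R1 = 0x1111222233334444  # random number from the receiving apparatus
R2 = 0xA5A5A5A55A5A5A5A  # random number from the IC card


def xor_key(x1: int, r1: int, r2: int) -> int:
    """Key preparing unit built as the XOR circuit named in the text."""
    return x1 ^ r1 ^ r2


def prf_key(x1: int, r1: int, r2: int) -> int:
    """Assumed alternative (not from the text): HMAC-SHA256 keyed with X1
    over R1 || R2, truncated to KEY_BITS."""
    msg = r1.to_bytes(KEY_BYTES, "big") + r2.to_bytes(KEY_BYTES, "big")
    tag = hmac.new(x1.to_bytes(KEY_BYTES, "big"), msg, hashlib.sha256).digest()
    return int.from_bytes(tag[:KEY_BYTES], "big")


def changed_bits(derive, x1: int, r1: int, r2: int) -> list:
    """For every single-bit change of R1, count how many bits of Y1 change."""
    base = derive(x1, r1, r2)
    return [bin(base ^ derive(x1, r1 ^ (1 << i), r2)).count("1")
            for i in range(KEY_BITS)]


def summarize(counts: list) -> tuple:
    """Return (minimum, mean, maximum) of the per-flip changed-bit counts."""
    return min(counts), sum(counts) / len(counts), max(counts)


if __name__ == "__main__":
    for name, derive in (("XOR circuit", xor_key), ("HMAC-SHA256", prf_key)):
        lo, mean, hi = summarize(changed_bits(derive, X1, R1, R2))
        print(f"{name:12s} changed bits of Y1 per 1-bit change of R1: "
              f"min={lo} mean={mean:.1f} max={hi}")
```

With a plain XOR of the three values, a one-bit change in R1 always changes exactly one bit of Y1, so a key preparing unit that is to vary four to five bits or more needs additional mixing.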

The subsequent procedure varies depending on programs
or applications in the IC card 12 for specifying the
function of the receiving apparatus 11.

Among these applications, an application which allows 
the receiving apparatus 11 to receive a specific receiving 
channel on the basis of a contract by means of the IC card 
12 is now described. 

When the IC card 12 is loaded into the receiving apparatus
11, the reading/writing unit 17 of the IC card 12 reads out
data relative to the receivable channel stored in the memory
unit 16 in plain text on the basis of a reading command from
the receiving apparatus 11 to supply the data to the
encryption/decryption processing unit 15. The
encryption/decryption processing unit 15 encrypts the read
plain text data by using the encryption/decryption key Y1
(step S5). Then, the encrypted data or the read data are sent
to the receiving apparatus 11 (step S6).

The read data received by the receiving apparatus 11 are
decrypted at the encryption/decryption processing unit 15' of
the receiving apparatus 11 by using the
encryption/decryption key Y1 (step S5').

On the basis of the plain text data decrypted by the above
decryption, restrictions are placed on functions of the
receiving apparatus 11 so that the receiving apparatus 11 can
receive only a predetermined channel specified by the data
and the receiving apparatus 11 exhibits only predetermined
functions.

Further, when the receiving apparatus 11 receives a
command of writing data to the IC card 12, the receiving
apparatus 11 encrypts plain text of the write data at the
encryption/decryption processing unit 15' by using the
encryption/decryption key Y1 (step S4'). The encrypted
write data is sent to the IC card 12 (step S7).

The write data received by the IC card 12 is decrypted at
the encryption/decryption processing unit 15 by using the
encryption/decryption key Y1. The decrypted plain text data
is written in the memory unit 16 by the reading/writing unit
17.

The reading of data from the memory unit 16 and the
writing of data to the memory unit 16 of the IC card 12 can
be executed by the reading/writing unit 17 only when the
processes at the above steps S1 to S3 have been completed
normally.

Judgment as to whether the processes of the steps S1 to S3
have been completed normally or not can be made by
judgment means 17a using, for example, one or a plurality
of flags as described later.

In communication between the receiving apparatus 11 and 
the IC card 12, data are not exchanged in plain text, and 
ciphertext is used to exchange data. Furthermore, since two 
kinds of the first and second random numbers are used to 
prepare the ciphertext, data cannot be cryptanalyzed easily 
as in the prior art even if cryptanalysis by monitoring of 
communication between the receiving apparatus 11 and the 
IC card 12 is tried. 

Accordingly, the security of the communication system 
10 is enhanced as compared with the prior art. 

More particularly, the encryption/decryption key Y1 is
varied in accordance with the random numbers R1 and R2
each time data is read and written. Accordingly, even if a
number of read data or write data as described above are
monitored and the encrypted communication information
obtained by the monitoring and operation thereof are
analyzed, it is substantially impossible to analyze
commands, even if the commands are plain text data, or the
data itself.

Further, even if the commands of plain text data or the
data itself are not analyzed, there remains the possibility that
contents of the communication information can be analyzed
by the analysis of encrypted specific communication
information and operation thereof. However, as described above,
since the analyzed communication information includes a
parameter of the encryption/decryption key Y1 varied each
time data is read and written, it is extremely difficult to
decrypt the communication information in order to
understand the plain text data corresponding to the
communication information.

Furthermore, even if the contents of the communication
information including the parameter of the
encryption/decryption key Y1 are analyzed and the communication
information obtained with the intention of rewriting data in
the memory unit 16 is inputted to the encryption/decryption
processing unit 15 of the IC card 12, it is substantially
impossible to rewrite data to intended contents since the
encryption/decryption key Y1 upon analysis is different
from the encryption/decryption key Y1 upon writing.

Accordingly, the security of communication between the 
receiving apparatus 11 and the IC card 12 can be enhanced 
and furthermore alteration or forgery by rewriting of data in 
the IC card 12 can be prevented exactly. 

As described above, in the communication system 10, the
encryption/decryption key Y1 is prepared from the two
random numbers R1 and R2 and the secret key X1 and data
encrypted by using the encryption/decryption key Y1 are
exchanged between the receiving apparatus 11 and the IC
card 12.




Accordingly, even when data having the same contents
are read/written, values of the random numbers R1 and R2
used upon execution thereof are varied and a value of the
encryption/decryption key Y1 is varied in accordance with
the variation of the random numbers.

Accordingly, as described above, even if communication 
between the receiving apparatus 11 and the IC card 12 is 
monitored, cryptanalysis of ciphertext is not easy and high 
security can be ensured. 

Further, even if contents of the communication information
including the parameter of the encryption/decryption
key Y1 are analyzed, since a value of the
encryption/decryption key Y1 is varied each time data is
read/written, alteration or forgery by rewriting of data in the
IC card 12 can be prevented exactly and further alteration or
forgery that the receiving apparatus 11 does not require the
IC card 12 can be also prevented exactly.

The communication system 10 shown in FIG. 2 is basically
identical with the communication system 10 shown in
FIG. 1. In the communication system of FIG. 2, reading of
data from and writing of data into the memory unit 16 of the
IC card 12 is controlled by two flags from the
encryption/decryption key preparing unit 14 of the IC card 12.

In FIG. 2, the encryption/decryption processing units 15'
and 15, the memory unit 16 and the like are omitted for
simplification of the drawing.

The encryption/decryption key preparing unit 14 of the IC
card 12 includes signal producing means 14a for producing
a first flag signal F1 which is a first signal and a second flag
signal F2 which is a second signal.

Upon turning on of a power supply of the IC card 12 and
upon resetting of the IC card 12, both the signals from the
signal producing means 14a are set to a non-output state or
a reset state "0", representing that reading and writing of
data are not permitted.

When the encryption/decryption key preparing unit 14 of
the IC card 12 prepares the encryption/decryption key Y1,
the signal producing means 14a sets both the first and second
flag signals F1 and F2 to "1" representing that reading or
writing of data is permitted.

The reading/writing unit 17 of the IC card 12 includes
judgment means 17a which receives the flag signals F1 and
F2.

When the reading/writing unit 17 receives an instruction
for a data reading process for reading data from the memory
unit 16 (FIG. 1), the reading/writing unit 17 changes the
second flag F2 to the reset state "0" if the first flag F1 is in
the set state "1". Further, when the reading/writing unit 17
receives an instruction for a data writing process for writing
data into the memory unit 16, the reading/writing unit 17
changes the first flag F1 to the reset state "0" if the second
flag F2 is in the set state "1".

The operation of reading data from and writing data into
the memory unit 16 of the IC card 12 is now described with
reference to FIGS. 3 and 4.

When the encryption/decryption key Y1 is prepared by
the encryption/decryption key preparing unit 14 of the IC
card 12 as described above with reference to FIG. 1, the
encryption/decryption key preparing unit 14 sets both the
first and second flags F1 and F2 to the set state "1".

At this time, when the reading/writing unit 17 receives the
command for the data reading process, the judgment means
17a judges whether the first flag F1 is in the set state or not
(step S21) as shown in FIG. 3.

When the first flag F1 is in the reset state "0", the
reading/writing unit 17 terminates the data reading process.




On the other hand, when the first flag F1 is in the set state
"1", the second flag F2 is changed to the reset state "0" (step
S22). In this flag state, the reading/writing unit 17 reads out
plain text data from the memory unit 16 (FIG. 1). The plain
text data are encrypted by the encryption/decryption
processing unit 15 by using the encryption/decryption key Y1
as described above (step S23) and are then transmitted to the
receiving apparatus 11 as ciphertext (step S24).

Further, as shown in FIG. 4, when the reading/writing unit
17 receives the command for the data writing process, the
judgment means 17a judges whether the second flag F2 is in
the set state or not (step S31).

When the second flag F2 is in the reset state "0", the
reading/writing unit 17 terminates the data writing process.

On the other hand, when the second flag F2 is in the set
state "1", the first flag F1 is changed to the reset state "0"
(step S32). In this flag state, the encryption/decryption
processing unit 15 of the IC card 12 decrypts the encrypted
write data sent from the receiving apparatus 11 by using the
encryption/decryption key Y1 (step S33). The decrypted
plain text data are written in the memory unit 16 by the
reading/writing unit 17 (step S34).

In the communication system 10 shown in FIG. 2, the IC
card 12 uses the first and second flags, so that simultaneous
or parallel processing of the data reading process and the
data writing process is impossible and only one of them can
be selectively performed. Accordingly, the simultaneous
processing of the data reading process and the data writing
process using the same encryption/decryption key Y1 is
impossible.
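
The flag handling of FIGS. 2 to 4 can be modelled as a small state machine. The Python sketch below is an added example, not code from the patent: the class and method names, the 16-byte sizes, the sample card contents and the SHA-256 keystream used as the processing units 15 and 15' are assumptions, since the text names no cipher.

```python
import hashlib
import secrets


def prepare_key(x1: bytes, r1: bytes, r2: bytes) -> bytes:
    """Key preparing units 14/14': the XOR circuit the text gives as an example."""
    return bytes(a ^ b ^ c for a, b, c in zip(x1, r1, r2))


def crypt(y1: bytes, data: bytes) -> bytes:
    """Stand-in for processing units 15/15' (assumption, the text names no
    cipher): XOR with a SHA-256 counter keystream; one call both ways."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(y1 + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))


class ICCard:
    """IC card 12 with memory unit 16 and the flags F1 (read) and F2 (write)."""

    def __init__(self, x1: bytes, memory: bytes):
        self._x1 = x1
        self._memory = memory
        self.reset()

    def reset(self) -> None:
        """Power-on or reset: both flags are "0", nothing is permitted."""
        self.f1 = 0
        self.f2 = 0
        self._y1 = None

    def exchange(self, r1: bytes) -> bytes:
        """Steps S1 to S3: receive R1, generate R2, prepare Y1, set both flags."""
        r2 = secrets.token_bytes(len(self._x1))
        self._y1 = prepare_key(self._x1, r1, r2)
        self.f1 = self.f2 = 1
        return r2

    def read(self):
        if self.f1 != 1:                            # S21: reading not permitted
            return None
        self.f2 = 0                                 # S22: block writing under this key
        return crypt(self._y1, self._memory)        # S23, S24

    def write(self, ciphertext: bytes) -> bool:
        if self.f2 != 1:                            # S31: writing not permitted
            return False
        self.f1 = 0                                 # S32: block reading under this key
        self._memory = crypt(self._y1, ciphertext)  # S33, S34
        return True


class Receiver:
    """Receiving apparatus 11 holding the same secret key X1."""

    def __init__(self, x1: bytes):
        self._x1 = x1
        self._y1 = None

    def start(self, card: ICCard) -> None:
        r1 = secrets.token_bytes(len(self._x1))
        r2 = card.exchange(r1)
        self._y1 = prepare_key(self._x1, r1, r2)

    def read(self, card: ICCard):
        ciphertext = card.read()
        return None if ciphertext is None else crypt(self._y1, ciphertext)

    def write(self, card: ICCard, data: bytes) -> bool:
        return card.write(crypt(self._y1, data))


if __name__ == "__main__":
    x1 = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed key
    card, rx = ICCard(x1, b"channel=5;term=2004-12"), Receiver(x1)
    rx.start(card)
    print("read :", rx.read(card))
    print("write under the same Y1 accepted:", rx.write(card, b"channel=7"))
    rx.start(card)
    print("write under a fresh Y1 accepted:", rx.write(card, b"channel=7"))
```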

In other words, the encryption/decryption key Y1 is
varied for each of the data reading process or the data
writing process. Accordingly, even if contents of plain text
data are identical, encrypted communication data are varied
for each communication since the encryption/decryption key
Y1 is varied.

Accordingly, higher security can be ensured.

In addition, in the communication system 10 shown in
FIG. 2, for example, even if a combination of one plain text
and ciphertext corresponding to the plain text is clarified to
thereby cryptanalyze an encryption/decryption key Y1 used
at this time and altered data are written in order to alter the
IC card 12, an encryption/decryption key Y1 upon writing
thereof is different from the cryptanalyzed
encryption/decryption key Y1.

Accordingly, it is impossible to alter data as desired and 
forgery of the IC card 12 by alteration of data can be 
prevented exactly. 

In order to prevent the forgery of the IC card 12 by
alteration of data, various proper measures can be adopted
instead of adoption of the above flags to make it impossible
to perform the simultaneous processing of the data reading
process and the data writing process.

As the random number generators 13' and 13 of the
receiving apparatus 11 and the IC card 12 shown in FIGS.
1 and 2, a well-known random number generator for
generating random numbers in hardware or a microprocessor
for generating random numbers in software can be adopted.

However, in order to make the IC card 12 small, the 
random number generator 13 of the IC card 12 is desirably 
configured as shown in FIG. 5. 

The random number generator 13 of the IC card 12
includes, as shown in FIG. 5, a random number storage
portion 18 constituted by a rewritable memory, for example,
and an arithmetic operation portion 19.

The arithmetic operation portion 19 includes, in an
example shown in FIG. 5, an arithmetic circuit 19a
constituted by an XOR (exclusive-OR) circuit and a random
number conversion circuit 19b for converting a random
number.

An initial value R of a random number having 8 bits, for
example, is stored in the random number storage portion 18
and the arithmetic circuit 19a generates a random number
R2 by an arithmetic operation (XOR) of the random number
R1 of, for example, 8 bits received from the receiving
apparatus 11 and the initial value R from the random number
storage portion 18.

Further, the random number R2 generated by the random
number conversion circuit 19b is sent to the encryption/
decryption key preparing unit 14' of the receiving apparatus
11 and the encryption/decryption key preparing unit 14 of
the IC card 12 in order to prepare the encryption/decryption
key Y1 in the same manner as in the above example.

Further, the random number R2 prepared by the random
number conversion circuit 19b is sent to the random number
storage portion 18 in order to rewrite the initial value of the
random number with the value converted by the random number
conversion circuit 19b. Consequently, the initial value R of
the random number is successively updated each time data
is read or written subsequently.

Accordingly, security of communication between the 
receiving apparatus 11 and the IC card 12 can be further 
improved. 

The conversion process by the random number conversion
circuit 19b can be a bit inversion process in which
"1" or "0" of a specific bit of the random number R2 is
inverted, a bit replacement process in which the position of
a specific bit is exchanged with another position, or another
suitable conversion process.

In the example shown in FIG. 5, the random number R1
generated by the receiving apparatus 11 can be utilized to
generate the random number R2 in the IC card 12.
Accordingly, the random number R2 can be prepared prop- 
erly without provision of a microprocessor for executing a 
random number generating program in the IC card 12 and 
without provision of a random number generator having a 
complicated configuration as the random number generator 
13 in the IC card 12. 

Accordingly, the security of communication can be fur- 
ther enhanced and configuration of the IC card can be 
simplified. 
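
The FIG. 5 generator and the per-transaction key Y1 can be modelled as follows. This is an added example, not code from the patent: the key preparation (HMAC-SHA256), the toy XOR cipher, the chosen bit positions and all sample values are assumptions, since the text leaves the encryption system open.

```python
import hashlib
import hmac

def invert_bit(value, bit=0):
    """Bit inversion process: flip one specific bit of an 8-bit value."""
    return (value ^ (1 << bit)) & 0xFF

def swap_bits(value, i=0, j=7):
    """Bit replacement process: exchange the bits at positions i and j."""
    if ((value >> i) & 1) != ((value >> j) & 1):
        value ^= (1 << i) | (1 << j)
    return value & 0xFF

class CardRandomGenerator:
    """FIG. 5 model: storage portion 18 and arithmetic operation portion 19."""
    def __init__(self, initial_r, convert=invert_bit):
        self.stored_r = initial_r & 0xFF  # random number storage portion 18
        self.convert = convert            # random number conversion circuit 19b

    def next_r2(self, r1):
        mixed = (r1 ^ self.stored_r) & 0xFF  # arithmetic circuit 19a (XOR)
        r2 = self.convert(mixed)             # conversion circuit 19b
        self.stored_r = r2                   # stored value rewritten for next use
        return r2

def prepare_key(secret, r1, r2):
    """Assumed stand-in for key preparing units 14 and 14': HMAC-SHA256."""
    return hmac.new(secret, bytes([r1, r2]), hashlib.sha256).digest()

def toy_cipher(key, data):
    """Assumed toy cipher: XOR with the key, so it also decrypts."""
    if len(data) > len(key):
        raise ValueError("toy cipher handles at most len(key) bytes")
    return bytes(d ^ k for d, k in zip(data, key))

def run_transactions(secret, initial_r, r1_values, plaintext, convert=invert_bit):
    """Return (R2, ciphertext) for each read or write transaction."""
    card = CardRandomGenerator(initial_r, convert)
    results = []
    for r1 in r1_values:
        r2 = card.next_r2(r1)              # card returns R2 to the apparatus
        y1 = prepare_key(secret, r1, r2)   # same inputs in units 14 and 14'
        results.append((r2, toy_cipher(y1, plaintext)))
    return results

if __name__ == "__main__":
    # Constructed sample values; the apparatus happens to repeat R1 = 0x5A.
    r1_values = [0x5A, 0x5A, 0xC3]
    for r2, ct in run_transactions(b"constructed-secret", 0x3C, r1_values, b"CONTRACT-DATA"):
        print(f"R2={r2:02x} ciphertext={ct.hex()}")
```

With the 8-bit width used as the example there are at most 2^16 (R1, R2) pairs per secret key, so the number of distinct keys Y1 is bounded by that figure unless wider random numbers are chosen.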

In the foregoing description, the IC card is described as an 
example of the terminal, while various terminals such as a 
module, a package, or the like including integrated circuits 
can be used regardless of a form thereof. 

Further, as the memory unit of data used in various 
application programs and the random number storage 
portion, electrically rewritable non-volatile memory means 
such as a static random access memory (SRAM) with a 
backup power supply can be properly used in addition to the 
EEPROM. 

Furthermore, the present invention is not limited to a 
specific encryption system or an interface system between 
the communication apparatus and the terminal and can be 
applied to any encryption system or a contact or non-contact 
type interface system. 

What is claimed is: 

1. A communication system comprising a communication 
apparatus and a terminal for allowing a secure communica- 
tion of data therebetween, wherein said communication 
apparatus and said terminal each hold a common secret key, 
and wherein: 

said communication apparatus comprises:

a first random number generating unit for generating a
first random number;

an encryption/decryption key preparing unit for preparing
an encryption/decryption key on the basis of the first
random number generated by said first random number
generating unit of said communication apparatus, a second
random number generated by a second random number
generating unit of said terminal, and the common secret
key; and

an encryption/decryption processing unit for encrypting
or decrypting the data communicated between said
communication apparatus and said terminal by using the
encryption/decryption key; and

said terminal comprises:

said second random number generating unit for generating
the second random number;

an encryption/decryption key preparing unit for preparing
the encryption/decryption key on the basis of the first
random number generated by said first random number
generating unit of said communication apparatus, the
second random number generated by said second random
number generating unit of said terminal, and the common
secret key; and

an encryption/decryption processing unit for encrypting
or decrypting the data communicated between said
communication apparatus and said terminal by using the
encryption/decryption key.

2. A communication system as claimed in claim 1,
wherein said terminal further comprises a memory unit in
which data for specifying a function of said communication
apparatus is stored.

3. A communication system as claimed in claim 2,
wherein the data for specifying the function of said
communication apparatus comprises data for specifying a
receivable program of said communication apparatus.

4. A communication system as claimed in claim 2,
wherein the data for specifying the function of said
communication apparatus comprises data of a term for a
receivable program specified by said communication apparatus.

5. A communication system as claimed in claim 2,
wherein:

said terminal further comprises a reading/writing unit for
reading data from said memory unit and writing data
into said memory unit;

said reading/writing unit comprises a judgement means
for controlling reading of data from and writing of data
into said memory unit;

said encryption/decryption key preparing unit of said
terminal comprises signal producing means for producing
a signal for permitting reading and writing of data
by said reading/writing unit to supply said signal to said
judgment means.

6. A communication system as claimed in claim 5,
wherein said second random number generating unit of said
terminal comprises an arithmetic operation portion for
generating the second random number by using the first random
number generated by said first random number generating
unit of said communication apparatus and a random number
storage portion for storing random numbers rewritably.

7. A communication system as claimed in claim 5,
wherein said signal producing means produces a first signal
for permitting reading of data by said reading/writing unit to
supply the first signal to said judgment means and produces
a second signal for permitting writing of data by said
reading/writing unit to supply the second signal to said
judgement means.

8. A communication system as claimed in claim 7,
wherein:

said signal producing means produces first and second
flags to supply the flags to said judgement means; and

said reading/writing unit is permitted to read data from
said memory unit when the first flag is in a set state and
to write data into said memory unit when the second
flag is in a set state.

9. A communication system as claimed in claim 1,
wherein said second random number generating unit of said
terminal comprises an arithmetic operation portion for
generating the second random number by using the first random
number generated by said first random number generating
unit of said communication apparatus and a random number
storage portion for storing random numbers rewritably.

10. A communication system as claimed in claim 9,
wherein said terminal is an IC card.

11. A communication system as claimed in claim 9,
wherein said arithmetic operation portion comprises an
arithmetic operation circuit for generating the second random
number by means of an arithmetic operation of a
random number stored in said random number storage unit
and the first random number.

12. A communication system as claimed in claim 11,
wherein said arithmetic operation portion comprises a
conversion processing circuit for converting the second random
number, and wherein the random number in said random
number storage portion is updated so the random
number is set to a converted value obtained from said
conversion processing circuit.

13. A communication system as claimed in claim 12,
wherein the conversion process by said conversion processing
circuit is a bit replacement process.

14. A communication system as claimed in claim 12,
wherein the conversion process by said conversion processing
circuit is a bit inversion process.

15. A communication method for allowing a secure
communication of data between a communication apparatus and
a terminal, wherein the communication apparatus and the
terminal each hold a common secret key, said method
comprising:

generating a first random number in the communication
apparatus;

generating a second random number in the terminal;

preparing, in the communication apparatus, an
encryption/decryption key on the basis of the first
random number generated in the communication
apparatus, the second random number generated in the
terminal, and the common secret key; and

preparing, in the terminal, the encryption/decryption key
on the basis of the first random number generated in
the communication apparatus, the second random number
generated in the terminal, and the common secret key;

encrypting or decrypting, in each of the communication
apparatus and the terminal, the data communicated
between the communication apparatus and the terminal
by using the encryption/decryption key.

16. A communication method for allowing a secure data
communication between a communication apparatus and a
terminal, wherein the terminal is provided with a memory
unit in which function data specifying a function of the
communication apparatus is stored, said method comprising:

storing a common secret key in each of the communication
apparatus and the terminal;

generating first and second random numbers in the
communication apparatus and the terminal, respectively;

encrypting the function data by using the first and second 
random numbers generated by the communication 
apparatus and the terminal, respectively, and the com- 
mon secret key; 

restricting the function of the communication apparatus
based on a communication of the encrypted function
data.

17. A communication method as claimed in claim 16,
wherein the communication apparatus and the terminal each
comprise a random number generating unit, an
encryption/decryption key preparing unit for preparing an
encryption/decryption key on the basis of the first and second
numbers generated by the random number generating units of the
communication apparatus and terminal, respectively, and the
secret key, and an encryption/decryption processing unit for
encrypting or decrypting data communicated between the
communication apparatus and the terminal including the
function data by using the encryption/decryption key,
wherein:

when the terminal receives a command from the communication
apparatus for reading out data from the
memory unit, the terminal encrypts the read out data
from the memory unit by means of the encryption/
decryption key to transmit the encrypted data to the
communication apparatus; and

the terminal is responsive to a command from the com- 
munication apparatus for writing data into the memory 
unit to decrypt ciphertext corresponding to the data by 
means of the encryption/decryption key and to write the 
decrypted data into the memory unit when the terminal 
receives the command from the communication appa- 
ratus. 

18. A communication method as claimed in claim 17, 
wherein the reading of data from the terminal and the writing 
of data to the terminal cannot be performed at the same time. 

***** 



03/10/2004, EAST Version: 1.4.1 



